Linux Distros Unpatched Vulnerability : CVE-2026-11072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium...

DEBIAN-CVE-2026-11080

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11097

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11080

CVE-2026-11080 affects WebView in Google Chrome on Android (before 149.0.7827.53). The vulnerability is a use-after-free in WebView that can lead to heap corruption via a crafted HTML page. The CVSS v3.1 base score is 8.8 (HIGH) with NETWORK attack vector, HIGH confidentiality/integrity/availabil...

CVE-2026-11080

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11072

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: Medium...

PT-2026-46600

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in the WebView component, which allows a local attacker to execute arbitrary code by utilizing a malicious file. Use after free is a memory...

CVE-2026-10510

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

CVE-2026-9888

Use after free in WebView in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-7342

Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-7342

Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

PT-2026-35842

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 147.0.7727.138 Description A use after free issue exists in the WebView component, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use...

KLA91054 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in WebCodecs can be exploited to cause denial of service. 2. Use aft...

CVE-2026-5429

Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue requires the user ...

Notesnook 跨站脚本漏洞

Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook prior to 3.3.17 contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-cross-site scripting in the mobile sharing or web clipping process. Attackers controlled t...

KLA90963 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...

Chromium: CVE-2026-3936 Use after free in WebView

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome < 146.0.7680.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop10 advisory. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71...

Linux Distros Unpatched Vulnerability : CVE-2026-3936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...

Google Chrome < 146.0.7680.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop10 advisory. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680....